Results 1 to 2 of 2

Thread: Using a Quadro with Dual WAN Firewall

  1. #1

    Default



    I am trying to configure a Quadro behind a Netgear FVX538 dual WAN firewall. Unfortunately no matter what I try I cannot get the NAT traversal working, thus cannot get the Quadro installed. Has anyone achieved an environment with either the same or another dual WAN firewall. If yes, could you please advise of the firewall device and configuration.


    Many thanks
    David


    PS - The client requires a dual WAN link for redundancy purposes.

  2. #2

    Default

    We tested XiNCOM dual WAN Routers with Quadro in the followong two different scenarios:

    ----------Scenario1:
    WAN1 of dual WAN router is up and running and WAN2 of dual WAN router is in backup mode, i.e. the WAN2 will be up and running only in case of WAN1 failure.

    Network Configuration:
    · The Quadro is located behind the dual WAN router (in the LAN).

    Quadro Configuration:
    · STUN is enabled on the Quadro.

    Dual WAN router configuration:
    · The WAN1 interface of the dual WAN router is set to "enabled".
    · The WAN2 interface of the dual WAN router is set to "backup".
    · The SIP and RTP port forwarding on both interfaces of the dual WAN router is enabled.

    The described configuration works in the following way: the LAN traffic goes through the WAN1 interface of the router until it is alive. If the WAN1 interface fails for some reason, the WAN2 interface will get activated in the timeout of 60 seconds. All the LAN traffic will start now moving through the WAN2 interface.

    The STUN agent on the Quadro will detect the new IP within the timeout of 300 seconds. The STUN agent will rescan all Quadros ports and switch to the new configuration.

    This scenario is working OK. The maximum Quadro failure (out of operation) timeout is 360 seconds (the router’s 60 seconds + Quadro’s STUN 300 seconds).

    Please note: All mentioned timeouts are default and can be reconfigured manually. The scenario works similarly for both models of the router.

    That is what was tested using XiNCOM devices. From the perspective of the scenario, the use of routers is useful if two Internet Service Providers are available for the Quadro users.

    -----------Scenario2:
    Both WAN interfaces are up and running. To use both channels of the dual WAN router, both WAN interfaces on the router must be set to “enabled,” and the Quadro STUN client must be activate. With this configuration, we will have the following picture:

    Incoming RTP traffic:
    The Quadro STUN client will detect one of the two WAN interfaces (either) as the IP address of the NAT against it (assume WAN1 is detected). When setting up a SIP call, this detected WAN IP address (WAN1) will be indicated in signaling packets. Thus, all incoming RTP packets will be received on the detected interface – WAN1.

    Outgoing RTP traffic:
    Outgoing RTP packets will go through the both interfaces of the router. The total load will be divided between the interfaces depending on the router’s load balancing configuration. For example, if we have configured 40/60% (WAN1- 40% , WAN2 - 60%), then the 40% of all the RTP packets will go through the WAN1, and the remaining 60% through WAN2.

    Below are the known drawbacks of this scenario:

    .If the WAN interfaces of the router connect to ISPs that provide different Internet connection speeds, there is a possibility that the end-point will receive RTP packets out of sequence.

    .The called party may use RTP filter, i.e. it is configured to accept RTP packets only from the IP address that was negotiated during call setup. If the called party employs such a filter, it will ignore the 60% of the total RTP packets issued from the Quadro.

    .The Quadro will not be functional for maximum 360 seconds if the detected WAN interface goes down at some point. Within 360 seconds, the Quadro will detect WAN2 interface as the NAT IP address and will continue to work through that interface.

    -------------
    Please Note: In Both scenarios all active calls on the Quadro will be dropped if the dual WAN router's WAN interface that the Quadro uses goes down.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Quadro 16x behind FortiGate Firewall
    By pdiaz in forum 'How Do I' Questions
    Replies: 2
    Last Post: 07-22-2010, 10:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •